chore: add semantic-release

close #153

.commitlintrc.json

@@ -0,0 +1 @@
+{ "extends": ["@commitlint/config-conventional"] }

.github/ISSUE_TEMPLATE/BUG.md

@@ -1,6 +1,7 @@
 ---
 name: '🐛 Bug Report'
 about: 'Report an unexpected problem or unintended behavior.'
+title: '[Bug]'
 labels: 'bug'
 ---
 

.github/ISSUE_TEMPLATE/DOCUMENTATION.md

@@ -1,20 +1,18 @@
 ---
 name: '📜 Documentation'
 about: 'Correct spelling errors, improvements or additions to documentation files (README, CONTRIBUTING...).'
+title: '[Documentation]'
 labels: 'documentation'
 ---
 
-<!--
+<!-- Please make sure your issue has not already been fixed. -->
-Please make sure your issue has not already been fixed.
 
-Please place an x (no spaces - [x]) in all [ ] that apply.
+## Documentation
--->
 
-### Documentation :
+<!-- Please uncomment the type of documentation problem this issue address -->
 
-- [ ] Is Missing
+<!-- Documentation is Missing -->
-- [ ] Is Confusing
+<!-- Documentation is Confusing -->
-- [ ] Has Typo errors
+<!-- Documentation has Typo errors -->
-- [ ] Not Sure?
 
-### Proposal
+## Proposal

.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md

@@ -1,19 +1,20 @@
 ---
 name: '✨ Feature Request'
 about: 'Suggest a new feature idea.'
+title: '[Feature]'
 labels: 'feature request'
 ---
 
 <!-- Please make sure your issue has not already been fixed. -->
 
-### Description
+## Description
 
 <!-- A clear and concise description of the problem or missing capability... -->
 
-### Describe the solution you'd like
+## Describe the solution you'd like
 
 <!-- If you have a solution in mind, please describe it. -->
 
-### Describe alternatives you've considered
+## Describe alternatives you've considered
 
 <!-- Have you considered any alternative solutions or workarounds? -->

.github/ISSUE_TEMPLATE/IMPROVEMENT.md

@@ -1,21 +1,20 @@
 ---
 name: '🔧 Improvement'
 about: 'Improve structure/format/performance/refactor/tests of the code.'
+title: '[Improvement]'
 labels: 'improvement'
 ---
 
-<!--
+<!-- Please make sure your issue has not already been fixed. -->
-Please make sure your issue has not already been fixed.
 
-Please place an x (no spaces - [x]) in all [ ] that apply.
+## Type of Improvement
--->
 
-### Type of Improvement :
+<!-- Please uncomment the type of improvements this issue address -->
 
-- [ ] Files and Folders Structure
+<!-- Files and Folders Structure -->
-- [ ] Performance
+<!-- Performance -->
-- [ ] Refactoring code
+<!-- Refactoring code -->
-- [ ] Tests
+<!-- Tests -->
-- [ ] Not Sure?
+<!-- Not Sure? -->
 
-### Proposal
+## Proposal

.github/ISSUE_TEMPLATE/QUESTION.md

@@ -1,6 +1,7 @@
 ---
 name: '🙋 Question'
 about: 'Further information is requested.'
+title: '[Question]'
 labels: 'question'
 ---
 

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,27 +1,7 @@
-<!--
+<!-- Please first discuss the change you wish to make via issue before making a change. It might avoid a waste of your time. -->
 
-Please first discuss the change you wish to make via issue before making a change. It might avoid a waste of your time.
+## What changes this PR introduce?
 
-Before submitting your contribution, please take a moment to review this document:
+## List any relevant issue numbers
-https://github.com/Thream/socketio-jwt/blob/master/.github/CONTRIBUTING.md
 
-Please place an x (no spaces - [x]) in all [ ] that apply.
+## Is there anything you'd like reviewers to focus on?
-
--->
-
-### What type of change does this PR introduce?
-
-- [ ] Bugfix
-- [ ] Feature
-- [ ] Refactor
-- [ ] Documentation
-- [ ] Not Sure?
-
-### Does this PR introduce breaking changes?
-
-- [ ] Yes
-- [ ] No
-
-### List any relevant issue numbers:
-
-### Description:

.github/dependabot.yml

@@ -1,5 +1,3 @@
-# For more information see: https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates
-
 version: 2
 updates:
   - package-ecosystem: 'github-actions'

.github/workflows/build.yml

@@ -0,0 +1,25 @@
+name: 'Build'
+
+on:
+  push:
+    branches: [master, develop]
+  pull_request:
+    branches: [master, develop]
+
+jobs:
+  build:
+    runs-on: 'ubuntu-latest'
+    steps:
+      - uses: 'actions/checkout@v2'
+
+      - name: 'Use Node.js'
+        uses: 'actions/setup-node@v2.3.0'
+        with:
+          node-version: '16.x'
+          cache: 'npm'
+
+      - name: 'Install'
+        run: 'npm install'
+
+      - name: 'Build Package'
+        run: 'npm run build'

.github/workflows/commitlint.yml

@@ -1,20 +0,0 @@
-# For more information see: https://github.com/marketplace/actions/commit-linter
-
-name: 'Lint Commit Messages'
-
-on:
-  push:
-    branches: [master, develop]
-  pull_request_review:
-    branches: [master, develop]
-    types: [submitted]
-
-jobs:
-  commitlint:
-    if: ${{ (github.event_name == 'push') || (github.event_name == 'pull_request_review' && github.event.review.state == 'approved' && (github.event.review.author_association == 'COLLABORATOR' || github.event.review.author_association == 'MEMBER' || github.event.review.author_association == 'OWNER') && !github.event.pull_request.draft && github.event.pull_request.state == 'open') }}
-    runs-on: ubuntu-latest
-    steps:
-      - uses: 'actions/checkout@v2'
-        with:
-          fetch-depth: 0
-      - uses: 'wagoid/commitlint-github-action@v2'

.github/workflows/lint.yml

@@ -0,0 +1,27 @@
+name: 'Lint'
+
+on:
+  push:
+    branches: [master, develop]
+  pull_request:
+    branches: [master, develop]
+
+jobs:
+  lint:
+    runs-on: 'ubuntu-latest'
+    steps:
+      - uses: 'actions/checkout@v2'
+
+      - name: 'Use Node.js'
+        uses: 'actions/setup-node@v2.3.0'
+        with:
+          node-version: '16.x'
+          cache: 'npm'
+
+      - name: 'Install'
+        run: 'npm install'
+
+      - run: 'npm run lint:commit -- --to "${{ github.sha }}"'
+      - run: 'npm run lint:editorconfig'
+      - run: 'npm run lint:markdown'
+      - run: 'npm run lint:typescript'

.github/workflows/nodejs.yml

@@ -1,47 +0,0 @@
-# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
-
-name: 'Node.js CI'
-
-on:
-  push:
-    branches: [master, develop]
-  pull_request_review:
-    branches: [master, develop]
-    types: [submitted]
-
-jobs:
-  ci_app:
-    if: ${{ (github.event_name == 'push') || (github.event_name == 'pull_request_review' && github.event.review.state == 'approved' && (github.event.review.author_association == 'COLLABORATOR' || github.event.review.author_association == 'MEMBER' || github.event.review.author_association == 'OWNER') && !github.event.pull_request.draft && github.event.pull_request.state == 'open') }}
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        node-version: [14.x]
-    steps:
-      - uses: 'actions/checkout@v2'
-
-      - name: Use Node.js ${{ matrix.node-version }}
-        uses: 'actions/setup-node@v2.1.4'
-        with:
-          node-version: ${{ matrix.node-version }}
-
-      - name: 'Cache dependencies'
-        uses: 'actions/cache@v2'
-        with:
-          path: |
-            **/node_modules
-          key: ${{ runner.os }}-${{ hashFiles('**/package.json') }}
-
-      - name: 'Install dependencies'
-        run: 'npm install'
-
-      - name: 'Lint'
-        run: 'npm run lint'
-
-      - name: 'Build'
-        run: 'npm run build'
-
-      - name: 'Run the tests and generate coverage report'
-        run: 'npm test'
-
-      - name: 'Upload coverage to Codecov'
-        uses: 'codecov/codecov-action@v1'

.github/workflows/npm-publish.yml

@@ -1,30 +0,0 @@
-# For more information see: https://help.github.com/actions/language-and-framework-guides/publishing-nodejs-packages
-
-name: 'Node.js Package'
-
-on:
-  release:
-    types: [created]
-
-jobs:
-  publish-npm:
-    runs-on: 'ubuntu-latest'
-    steps:
-      - uses: 'actions/checkout@v2'
-
-      - name: 'Cache dependencies'
-        uses: 'actions/cache@v2'
-        with:
-          path: '**/node_modules'
-          key: ${{ runner.os }}-${{ hashFiles('**/package.json') }}
-
-      - uses: 'actions/setup-node@v2.1.2'
-        with:
-          node-version: 14
-          registry-url: 'https://registry.npmjs.org/'
-
-      - run: 'npm install'
-      - run: 'npm run build'
-      - run: 'npm publish --access public'
-        env:
-          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}

.github/workflows/release.yml

@@ -0,0 +1,29 @@
+name: 'Release'
+
+on:
+  push:
+    branches: [master]
+
+jobs:
+  release:
+    runs-on: 'ubuntu-latest'
+    steps:
+      - uses: 'actions/checkout@v2'
+
+      - name: 'Use Node.js'
+        uses: 'actions/setup-node@v2.3.0'
+        with:
+          node-version: '16.x'
+          cache: 'npm'
+
+      - name: 'Install'
+        run: 'npm install'
+
+      - name: 'Build Package'
+        run: 'npm run build'
+
+      - name: 'Release'
+        run: 'npm run release'
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/test.yml

@@ -0,0 +1,28 @@
+name: 'Test'
+
+on:
+  push:
+    branches: [master, develop]
+  pull_request:
+    branches: [master, develop]
+
+jobs:
+  test:
+    runs-on: 'ubuntu-latest'
+    steps:
+      - uses: 'actions/checkout@v2'
+
+      - name: 'Use Node.js'
+        uses: 'actions/setup-node@v2.3.0'
+        with:
+          node-version: '16.x'
+          cache: 'npm'
+
+      - name: 'Install'
+        run: 'npm install'
+
+      - name: 'Test'
+        run: 'npm run test'
+
+      - name: 'Upload Coverage'
+        uses: 'codecov/codecov-action@v2.0.1'

.gitignore

@@ -2,9 +2,7 @@
 
 # dependencies
 node_modules
-.pnp
+.npm
-.pnp.js
-.yarn
 
 # production
 build
@@ -12,19 +10,8 @@ build
 # testing
 coverage
 
-# envs
-.env
-.env.production
-
 # debug
 npm-debug.log*
-yarn-debug.log*
-yarn-error.log*
-
-# lockfiles
-package-lock.json
-yarn.lock
-pnpm-lock.yaml
 
 # editors
 .vscode

.husky/commit-msg

@@ -0,0 +1,4 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
+npm run lint:commit -- --edit

.husky/pre-commit

@@ -0,0 +1,7 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
+npm run lint:editorconfig
+npm run lint:markdown
+npm run lint:typescript
+npm run build

.markdownlint.json

@@ -0,0 +1,7 @@
+{
+  "default": true,
+  "MD013": false,
+  "MD024": false,
+  "MD033": false,
+  "MD041": false
+}

.npmrc

@@ -1,2 +1 @@
-package-lock=false
 save-exact=true

.releaserc.json

@@ -0,0 +1,19 @@
+{
+  "branches": ["master"],
+  "plugins": [
+    [
+      "@semantic-release/commit-analyzer",
+      {
+        "preset": "conventionalcommits"
+      }
+    ],
+    [
+      "@semantic-release/release-notes-generator",
+      {
+        "preset": "conventionalcommits"
+      }
+    ],
+    "@semantic-release/npm",
+    "@semantic-release/github"
+  ]
+}

.yarnrc

@@ -1,2 +0,0 @@
-install.no-lockfile true
-save-exact true

CHANGELOG.md

@@ -1,8 +1,70 @@
 # Changelog
 
+## [2.1.0](https://github.com/Thream/socketio-jwt/compare/v2.0.0...v2.1.0) (2021-03-08)
+
+### Features
+
+- add optional `onAuthentication` option to add `user` property in `socket` object ([#62](https://github.com/Thream/socketio-jwt/issues/62)) ([c7f64a6](https://github.com/Thream/socketio-jwt/commit/c7f64a6312a3e1f6f04918cb7cd415ddef7a11e5))
+
+## [2.0.0](https://github.com/Thream/socketio-jwt/compare/v1.1.1...v2.0.0) (2021-02-22)
+
+### Features
+
+- usage of auth option to send credentials ([a14d4e9](https://github.com/Thream/socketio-jwt/commit/a14d4e937b764fdf4fb6b173c55b6f49688766dd))
+
+  See: <https://socket.io/docs/v3/middlewares/#Sending-credentials>
+
+### BREAKING CHANGES
+
+- `extraHeaders` with `Authorization` doesn't work anymore
+
+### Migration
+
+You need to change the way to connect client side.
+
+Before :
+
+```ts
+import { io } from 'socket.io-client'
+
+const socket = io('http://localhost:9000', {
+  extraHeaders: { Authorization: `Bearer ${yourJWT}` }
+})
+```
+
+After :
+
+```ts
+import { io } from 'socket.io-client'
+
+const socket = io('http://localhost:9000', {
+  auth: { token: `Bearer ${yourJWT}` }
+})
+```
+
+## [1.1.1](https://github.com/Thream/socketio-jwt/compare/v1.1.0...v1.1.1) (2021-01-28)
+
+### Bug Fixes
+
+- **types:** decodedToken in secret callback ([c1a9213](https://github.com/Thream/socketio-jwt/commit/c1a9213a527e4c6188328221372e1f40191a790e)), closes [#21](https://github.com/Thream/socketio-jwt/issues/21)
+
+### Documentation
+
+- update server side usage with `jwks-rsa` : get the secret with `key.getPublicKey()` instead of `key.rsaPublicKey`
+
+## [1.1.0](https://github.com/Thream/socketio-jwt/compare/v1.0.1...v1.1.0) (2021-01-07)
+
+### Features
+
+- add algorithms option ([abbabc5](https://github.com/Thream/socketio-jwt/commit/abbabc588e3ea8b906fa0a0dcc83c91a3b5b5ea8))
+- add support for jwks-rsa ([#1](https://github.com/Thream/socketio-jwt/issues/1)) ([261e8d6](https://github.com/Thream/socketio-jwt/commit/261e8d66e2ec6fefb77429abcef8f846d996ecac))
+- improve types by extending socket.io module ([#6](https://github.com/Thream/socketio-jwt/issues/6)) ([84b523f](https://github.com/Thream/socketio-jwt/commit/84b523f4348c81933887f0dc700f438c84bd779a))
+
 ## [1.0.1](https://github.com/Thream/socketio-jwt/compare/v1.0.0...v1.0.1) (2020-12-29)
 
-- docs(readme): fix usage section by correctly importing `authorize`
+### Documentation
+
+- fix usage section by correctly importing `authorize`
 
 ## [1.0.0](https://github.com/Thream/socketio-jwt/compare/v4.6.2...v1.0.0) (2020-12-29)
 

README.md

@@ -1,25 +1,30 @@
-<h1 align="center"><a href="https://www.npmjs.com/package/@thream/socketio-jwt">Thream/socketio-jwt</a></h1>
+<h1 align="center">Thream/socketio-jwt</h1>
 
 <p align="center">
   <strong>Authenticate socket.io incoming connections with JWTs.</strong>
 </p>
 
 <p align="center">
-  <a href="https://github.com/Thream/socketio-jwt/actions?query=workflow%3A%22Node.js+CI%22"><img src="https://github.com/Thream/socketio-jwt/workflows/Node.js%20CI/badge.svg" alt="Node.js CI" /></a>
+  <a href="./CONTRIBUTING.md"><img src="https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat" /></a>
-  <a href="https://codecov.io/gh/Thream/socketio-jwt"><img src="https://codecov.io/gh/Thream/socketio-jwt/branch/develop/graph/badge.svg" alt="codecov" /></a>
-  <a href="https://dependabot.com/"><img src="https://badgen.net/github/dependabot/Thream/socketio-jwt?icon=dependabot" alt="Dependabot badge" /></a>
-  <a href="https://www.npmjs.com/package/@thream/socketio-jwt"><img src="https://img.shields.io/npm/v/@thream/socketio-jwt.svg" alt="npm version"></a>
-  <a href="https://www.npmjs.com/package/ts-standard"><img alt="TypeScript Standard Style" src="https://camo.githubusercontent.com/f87caadb70f384c0361ec72ccf07714ef69a5c0a/68747470733a2f2f62616467656e2e6e65742f62616467652f636f64652532307374796c652f74732d7374616e646172642f626c75653f69636f6e3d74797065736372697074"/></a>
   <a href="./LICENSE"><img src="https://img.shields.io/badge/licence-MIT-blue.svg" alt="Licence MIT"/></a>
+  <a href="./CODE_OF_CONDUCT.md"><img src="https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg" alt="Contributor Covenant" /></a>
+  <a href="https://dependabot.com/"><img src="https://badgen.net/github/dependabot/Thream/socketio-jwt?icon=dependabot" alt="Dependabot badge" /></a>
+  <br/>
+  <a href="https://github.com/Thream/socketio-jwt/actions/workflows/build.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/build.yml/badge.svg?branch=develop" /></a>
+  <a href="https://github.com/Thream/socketio-jwt/actions/workflows/lint.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/lint.yml/badge.svg?branch=develop" /></a>
+  <a href="https://github.com/Thream/socketio-jwt/actions/workflows/test.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/test.yml/badge.svg?branch=develop" /></a>
+  <a href="https://codecov.io/gh/Thream/socketio-jwt"><img src="https://codecov.io/gh/Thream/socketio-jwt/branch/develop/graph/badge.svg" alt="codecov" /></a>
+  <br />
   <a href="https://conventionalcommits.org"><img src="https://img.shields.io/badge/Conventional%20Commits-1.0.0-yellow.svg" alt="Conventional Commits" /></a>
-  <a href="./.github/CODE_OF_CONDUCT.md"><img src="https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg" alt="Contributor Covenant" /></a>
+  <a href="https://github.com/semantic-release/semantic-release"><img src="https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg" alt="semantic-release" /></a>
+  <a href="https://www.npmjs.com/package/@thream/socketio-jwt"><img src="https://img.shields.io/npm/v/@thream/socketio-jwt.svg" alt="npm version"></a>
 </p>
 
 ## 📜 About
 
 Authenticate socket.io incoming connections with JWTs.
 
-Compatible with `socket.io >= 3.0`.
+Compatible with `socket.io >= 3.0.0`.
 
 This repository was originally forked from [auth0-socketio-jwt](https://github.com/auth0-community/auth0-socketio-jwt) & it is not intended to take any credit but to improve the code from now on.
 
@@ -44,25 +49,89 @@ io.use(
   })
 )
 
-io.on('connection', async () => {
+io.on('connection', async (socket) => {
+  // jwt payload of the connected client
+  console.log(socket.decodedToken)
   const clients = await io.sockets.allSockets()
+  if (clients != null) {
     for (const clientId of clients) {
       const client = io.sockets.sockets.get(clientId)
-    client.emit('messages', { message: 'Success!' })
+      client?.emit('messages', { message: 'Success!' })
       // we can access the jwt payload of each connected client
-    console.log(client.decodedToken)
+      console.log(client?.decodedToken)
+    }
   }
 })
 ```
 
+### Server side with `jwks-rsa` (example)
+
+```ts
+import jwksClient from 'jwks-rsa'
+import { Server } from 'socket.io'
+import { authorize } from '@thream/socketio-jwt'
+
+const client = jwksClient({
+  jwksUri: 'https://sandrino.auth0.com/.well-known/jwks.json'
+})
+
+const io = new Server(9000)
+io.use(
+  authorize({
+    secret: async (decodedToken) => {
+      const key = await client.getSigningKeyAsync(decodedToken.header.kid)
+      return key.getPublicKey()
+    }
+  })
+)
+
+io.on('connection', async (socket) => {
+  // jwt payload of the connected client
+  console.log(socket.decodedToken)
+  // You can do the same things of the previous example there...
+})
+```
+
+### Server side with `onAuthentication` (example)
+
+```ts
+import { Server } from 'socket.io'
+import { authorize } from '@thream/socketio-jwt'
+
+const io = new Server(9000)
+io.use(
+  authorize({
+    secret: 'your secret or public key',
+    onAuthentication: async decodedToken => {
+      // return the object that you want to add to the user property
+      // or throw an error if the token is unauthorized
+    }
+  })
+)
+
+io.on('connection', async (socket) => {
+  // jwt payload of the connected client
+  console.log(socket.decodedToken)
+  // You can do the same things of the previous example there...
+  // user object returned in onAuthentication
+  console.log(socket.user)
+})
+```
+
+### `authorize` options
+
+- `secret` is a string containing the secret for HMAC algorithms, or a function that should fetch the secret or public key as shown in the example with `jwks-rsa`.
+- `algorithms` (default: `HS256`)
+- `onAuthentication` is a function that will be called with the `decodedToken` as a parameter after the token is authenticated. Return a value to add to the `user` property in the socket object.
+
 ### Client side
 
 ```ts
 import { io } from 'socket.io-client'
 
-// Require Bearer Tokens to be passed in as an Authorization Header
+// Require Bearer Token
 const socket = io('http://localhost:9000', {
-  extraHeaders: { Authorization: `Bearer ${yourJWT}` }
+  auth: { token: `Bearer ${yourJWT}` }
 })
 
 // Handling token expiration
@@ -82,7 +151,7 @@ socket.on('messages', (data) => {
 
 Anyone can help to improve the project, submit a Feature Request, a bug report or even correct a simple spelling mistake.
 
-The steps to contribute can be found in the [CONTRIBUTING.md](./.github/CONTRIBUTING.md) file.
+The steps to contribute can be found in the [CONTRIBUTING.md](./CONTRIBUTING.md) file.
 
 ## 📄 License
 

commitlint.config.js

@@ -1 +0,0 @@
-module.exports = { extends: ['@commitlint/config-conventional'] }

jest.config.js

@@ -0,0 +1,8 @@
+module.exports = {
+  preset: 'ts-jest',
+  testEnvironment: 'node',
+  rootDir: './src',
+  setupFilesAfterEnv: ['<rootDir>/__test__/setup.ts'],
+  collectCoverage: true,
+  coverageDirectory: '../coverage/'
+}

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@thream/socketio-jwt",
-  "version": "1.0.1",
+  "version": "0.0.0-development",
   "description": "Authenticate socket.io incoming connections with JWTs.",
   "license": "MIT",
   "main": "build/index.js",
@@ -9,7 +9,7 @@
     "build"
   ],
   "engines": {
-    "node": ">=12"
+    "node": ">=12.0.0"
   },
   "keywords": [
     "socket",
@@ -25,87 +25,58 @@
     "url": "https://github.com/Thream/socketio-jwt/issues"
   },
   "homepage": "https://github.com/Thream/socketio-jwt#readme",
-  "husky": {
-    "hooks": {
-      "commit-msg": "commitlint -E HUSKY_GIT_PARAMS",
-      "pre-commit": "npm run lint"
-    }
-  },
-  "release-it": {
-    "git": {
-      "commitMessage": "chore(release): v${version}"
-    },
-    "github": {
-      "release": false
-    },
-    "npm": {
-      "publish": false
-    },
-    "hooks": {
-      "before:init": [
-        "npm run lint",
-        "npm run test"
-      ]
-    },
-    "plugins": {
-      "@release-it/conventional-changelog": {
-        "preset": "angular",
-        "infile": "CHANGELOG.md"
-      }
-    }
-  },
-  "jest": {
-    "preset": "ts-jest",
-    "testEnvironment": "node",
-    "rootDir": "./src",
-    "collectCoverage": true,
-    "coverageDirectory": "../coverage/"
-  },
   "ts-standard": {
-    "files": [
+    "ignore": [
-      "./src/**/*.ts"
+      "build",
+      "coverage",
+      "node_modules"
     ],
     "envs": [
       "node",
       "jest"
-    ]
+    ],
+    "report": "stylish"
   },
   "scripts": {
     "build": "rimraf ./build && tsc",
-    "lint": "exit 0",
+    "lint:commit": "commitlint",
-    "format": "ts-standard --fix | snazzy",
+    "lint:editorconfig": "editorconfig-checker",
-    "release": "release-it",
+    "lint:markdown": "markdownlint '**/*.md' --dot --ignore node_modules",
+    "lint:typescript": "ts-standard",
+    "release": "semantic-release",
     "test": "jest",
-    "test:watchAll": "jest --watchAll",
+    "postinstall": "husky install",
-    "test:clearCache": "jest --clearCache"
+    "prepublishOnly": "pinst --disable",
+    "postpublish": "pinst --enable"
   },
   "peerDependencies": {
-    "socket.io": "*"
+    "socket.io": ">=3.0.0"
   },
   "dependencies": {
     "jsonwebtoken": "8.5.1"
   },
   "devDependencies": {
-    "@commitlint/cli": "11.0.0",
+    "@commitlint/cli": "12.1.4",
-    "@commitlint/config-conventional": "11.0.0",
+    "@commitlint/config-conventional": "12.1.4",
-    "@release-it/conventional-changelog": "2.0.0",
+    "@types/express": "4.17.13",
-    "@types/express": "4.17.9",
+    "@types/jest": "26.0.24",
-    "@types/jest": "26.0.19",
+    "@types/jsonwebtoken": "8.5.4",
-    "@types/jsonwebtoken": "8.5.0",
+    "@types/node": "16.4.1",
-    "@types/node": "14.14.16",
     "@types/server-destroy": "1.0.1",
     "axios": "0.21.1",
+    "editorconfig-checker": "4.0.2",
     "express": "4.17.1",
-    "husky": "4.3.6",
+    "husky": "7.0.1",
-    "jest": "26.6.3",
+    "jest": "27.0.6",
-    "release-it": "14.2.2",
+    "markdownlint-cli": "0.28.1",
+    "pinst": "2.1.6",
     "rimraf": "3.0.2",
+    "semantic-release": "17.4.4",
     "server-destroy": "1.0.1",
-    "snazzy": "9.0.0",
+    "socket.io": "4.1.3",
-    "socket.io": "3.0.4",
+    "socket.io-client": "4.1.3",
-    "socket.io-client": "3.0.4",
+    "ts-jest": "27.0.4",
-    "ts-jest": "26.4.4",
     "ts-standard": "10.0.0",
-    "typescript": "4.1.3"
+    "typescript": "4.3.5"
   }
 }

src/__test__/authorize.test.ts

@@ -1,17 +1,19 @@
 import axios from 'axios'
 import { io } from 'socket.io-client'
 
-import { fixtureStart, fixtureStop } from './fixture'
+import { fixtureStart, fixtureStop, getSocket, Profile } from './fixture'
 
-describe('authorize', () => {
+describe('authorize - with secret as string in options', () => {
   let token: string = ''
 
   beforeEach((done) => {
-    jest.setTimeout(15_000)
     fixtureStart(async () => {
       const response = await axios.post('http://localhost:9000/login')
       token = response.data.token
-      done()
+    })
+      .then(done)
+      .catch((error) => {
+        done(error)
       })
   })
 
@@ -31,7 +33,7 @@ describe('authorize', () => {
 
   it('should emit error with bad token format', (done) => {
     const socket = io('http://localhost:9000', {
-      extraHeaders: { Authorization: 'testing' }
+      auth: { token: 'testing' }
     })
     socket.on('connect_error', (err: any) => {
       expect(err.data.message).toEqual(
@@ -45,7 +47,7 @@ describe('authorize', () => {
 
   it('should emit error with unauthorized handshake', (done) => {
     const socket = io('http://localhost:9000', {
-      extraHeaders: { Authorization: 'Bearer testing' }
+      auth: { token: 'Bearer testing' }
     })
     socket.on('connect_error', (err: any) => {
       expect(err.data.message).toEqual(
@@ -59,11 +61,206 @@ describe('authorize', () => {
 
   it('should connect the user', (done) => {
     const socket = io('http://localhost:9000', {
-      extraHeaders: { Authorization: `Bearer ${token}` }
+      auth: { token: `Bearer ${token}` }
+    })
+    socket.on('connect', () => {
+      socket.close()
+      done()
+    })
+    socket.on('connect_error', (err: any) => {
+      done(err)
+    })
+  })
+})
+
+const secretCallback = async (): Promise<string> => {
+  return 'somesecret'
+}
+
+describe('authorize - with secret as callback in options', () => {
+  let token: string = ''
+
+  beforeEach((done) => {
+    fixtureStart(
+      async () => {
+        const response = await axios.post('http://localhost:9000/login')
+        token = response.data.token
+      },
+      { secret: secretCallback }
+    )
+      .then(done)
+      .catch((error) => {
+        done(error)
+      })
+  })
+
+  afterEach((done) => {
+    fixtureStop(done)
+  })
+
+  it('should emit error with no token provided', (done) => {
+    const socket = io('http://localhost:9000')
+    socket.on('connect_error', (err: any) => {
+      expect(err.data.message).toEqual('no token provided')
+      expect(err.data.code).toEqual('credentials_required')
+      socket.close()
+      done()
+    })
+  })
+
+  it('should emit error with bad token format', (done) => {
+    const socket = io('http://localhost:9000', {
+      auth: { token: 'testing' }
+    })
+    socket.on('connect_error', (err: any) => {
+      expect(err.data.message).toEqual(
+        'Format is Authorization: Bearer [token]'
+      )
+      expect(err.data.code).toEqual('credentials_bad_format')
+      socket.close()
+      done()
+    })
+  })
+
+  it('should emit error with unauthorized handshake', (done) => {
+    const socket = io('http://localhost:9000', {
+      auth: { token: 'Bearer testing' }
+    })
+    socket.on('connect_error', (err: any) => {
+      expect(err.data.message).toEqual(
+        'Unauthorized: Token is missing or invalid Bearer'
+      )
+      expect(err.data.code).toEqual('invalid_token')
+      socket.close()
+      done()
+    })
+  })
+
+  it('should connect the user', (done) => {
+    const socket = io('http://localhost:9000', {
+      auth: { token: `Bearer ${token}` }
+    })
+    socket.on('connect', () => {
+      socket.close()
+      done()
+    })
+    socket.on('connect_error', (err: any) => {
+      done(err)
+    })
+  })
+})
+
+describe('authorize - with onAuthentication callback in options', () => {
+  let token: string = ''
+  let wrongToken: string = ''
+
+  beforeEach((done) => {
+    fixtureStart(
+      async () => {
+        const response = await axios.post('http://localhost:9000/login')
+        token = response.data.token
+        const responseWrong = await axios.post(
+          'http://localhost:9000/login-wrong'
+        )
+        wrongToken = responseWrong.data.token
+      },
+      {
+        secret: secretCallback,
+        onAuthentication: (decodedToken: Profile) => {
+          if (!decodedToken.checkField) {
+            throw new Error('Check Field validation failed')
+          }
+          return {
+            email: decodedToken.email
+          }
+        }
+      }
+    )
+      .then(done)
+      .catch((error) => {
+        done(error)
+      })
+  })
+
+  afterEach((done) => {
+    fixtureStop(done)
+  })
+
+  it('should emit error with no token provided', (done) => {
+    const socket = io('http://localhost:9000')
+    socket.on('connect_error', (err: any) => {
+      expect(err.data.message).toEqual('no token provided')
+      expect(err.data.code).toEqual('credentials_required')
+      socket.close()
+      done()
+    })
+  })
+
+  it('should emit error with bad token format', (done) => {
+    const socket = io('http://localhost:9000', {
+      auth: { token: 'testing' }
+    })
+    socket.on('connect_error', (err: any) => {
+      expect(err.data.message).toEqual(
+        'Format is Authorization: Bearer [token]'
+      )
+      expect(err.data.code).toEqual('credentials_bad_format')
+      socket.close()
+      done()
+    })
+  })
+
+  it('should emit error with unauthorized handshake', (done) => {
+    const socket = io('http://localhost:9000', {
+      auth: { token: 'Bearer testing' }
+    })
+    socket.on('connect_error', (err: any) => {
+      expect(err.data.message).toEqual(
+        'Unauthorized: Token is missing or invalid Bearer'
+      )
+      expect(err.data.code).toEqual('invalid_token')
+      socket.close()
+      done()
+    })
+  })
+
+  it('should connect the user', (done) => {
+    const socket = io('http://localhost:9000', {
+      auth: { token: `Bearer ${token}` }
     })
     socket.on('connect', () => {
       socket.close()
       done()
     })
   })
+
+  it('should contain user property', (done) => {
+    const socketServer = getSocket()
+    socketServer?.on('connection', (client: any) => {
+      expect(client.user.email).toEqual('john@doe.com')
+    })
+    const socket = io('http://localhost:9000', {
+      auth: { token: `Bearer ${token}` }
+    })
+    socket.on('connect', () => {
+      socket.close()
+      done()
+    })
+  })
+
+  it('should emit error when user validation fails', (done) => {
+    const socket = io('http://localhost:9000', {
+      auth: { token: `Bearer ${wrongToken}` }
+    })
+    socket.on('connect_error', (err: any) => {
+      try {
+        expect(err.message).toEqual('Check Field validation failed')
+      } catch (err) {
+        socket.close()
+        done(err)
+      }
+      socket.close()
+      done()
+    })
+  })
 })

src/__test__/fixture/index.ts

@@ -5,7 +5,13 @@ import { Server as HttpsServer } from 'https'
 import { Server as SocketIoServer } from 'socket.io'
 import enableDestroy from 'server-destroy'
 
-import { authorize } from '../../index'
+import { authorize, AuthorizeOptions } from '../../index'
+
+export interface Profile {
+  email: string
+  id: number
+  checkField: boolean
+}
 
 interface Socket {
   io: null | SocketIoServer
@@ -21,16 +27,34 @@ const socket: Socket = {
 
 let server: HttpServer | null = null
 
-export const fixtureStart = (done: any): void => {
+export const fixtureStart = async (
-  const options = { secret: 'aaafoo super sercret' }
+  done: any,
+  options: AuthorizeOptions = { secret: 'super secret' }
+): Promise<void> => {
+  const profile: Profile = {
+    email: 'john@doe.com',
+    id: 123,
+    checkField: true
+  }
+  let keySecret = ''
+  if (typeof options.secret === 'string') {
+    keySecret = options.secret
+  } else {
+    keySecret = await options.secret({ header: { alg: 'HS256' }, payload: profile })
+  }
   const app = express()
   app.use(express.json())
   app.post('/login', (_req, res) => {
-    const profile = {
+    const token = jwt.sign(profile, keySecret, {
-      email: 'john@doe.com',
+      expiresIn: 60 * 60 * 5
-      id: 123
+    })
-    }
+    return res.json({ token })
-    const token = jwt.sign(profile, options.secret, { expiresIn: 60 * 60 * 5 })
+  })
+  app.post('/login-wrong', (_req, res) => {
+    profile.checkField = false
+    const token = jwt.sign(profile, keySecret, {
+      expiresIn: 60 * 60 * 5
+    })
     return res.json({ token })
   })
   server = app.listen(9000, done)
@@ -43,6 +67,10 @@ export const fixtureStop = (callback: Function): void => {
   socket.io?.close()
   try {
     server?.destroy()
-  } catch (err) {}
+  } catch {}
   callback()
 }
+
+export const getSocket = (): SocketIoServer | null => {
+  return socket.io
+}

src/__test__/setup.ts

@@ -0,0 +1 @@
+jest.setTimeout(15_000)

src/authorize.ts

@@ -1,28 +1,50 @@
-import jwt from 'jsonwebtoken'
+import jwt, { Algorithm } from 'jsonwebtoken'
 import { Socket } from 'socket.io'
 
 import { UnauthorizedError } from './UnauthorizedError'
 
+declare module 'socket.io' {
+  interface Socket extends ExtendedSocket {}
+}
+
 interface ExtendedError extends Error {
   data?: any
 }
 
+interface ExtendedSocket {
+  encodedToken?: string
+  decodedToken?: any
+  user?: any
+}
+
 type SocketIOMiddleware = (
   socket: Socket,
   next: (err?: ExtendedError) => void
 ) => void
 
-interface AuthorizeOptions {
+interface CompleteDecodedToken {
-  secret: string
+  header: {
+    alg: Algorithm
+    [key: string]: any
+  }
+  payload: any
+}
+
+type SecretCallback = (decodedToken: CompleteDecodedToken) => Promise<string> | string
+
+export interface AuthorizeOptions {
+  secret: string | SecretCallback
+  algorithms?: Algorithm[]
+  onAuthentication?: (decodedToken: any) => Promise<any> | any
 }
 
 export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
-  const { secret } = options
+  const { secret, algorithms = ['HS256'], onAuthentication } = options
-  return (socket, next) => {
+  return async (socket, next) => {
-    let token: string | null = null
+    let encodedToken: string | null = null
-    const authorizationHeader = socket.request.headers.authorization
+    const { token } = socket.handshake.auth
-    if (authorizationHeader != null) {
+    if (token != null) {
-      const tokenSplitted = authorizationHeader.split(' ')
+      const tokenSplitted = token.split(' ')
       if (tokenSplitted.length !== 2 || tokenSplitted[0] !== 'Bearer') {
         return next(
           new UnauthorizedError('credentials_bad_format', {
@@ -30,20 +52,26 @@ export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
           })
         )
       }
-      token = tokenSplitted[1]
+      encodedToken = tokenSplitted[1]
     }
-    if (token == null) {
+    if (encodedToken == null) {
       return next(
         new UnauthorizedError('credentials_required', {
           message: 'no token provided'
         })
       )
     }
-    // Store encoded JWT
+    socket.encodedToken = encodedToken
-    socket = Object.assign(socket, { encodedToken: token })
+    let keySecret: string | null = null
-    let payload: any
+    let decodedToken: any
+    if (typeof secret === 'string') {
+      keySecret = secret
+    } else {
+      const completeDecodedToken = jwt.decode(encodedToken, { complete: true })
+      keySecret = await secret(completeDecodedToken as CompleteDecodedToken)
+    }
     try {
-      payload = jwt.verify(token, secret)
+      decodedToken = jwt.verify(encodedToken, keySecret, { algorithms })
     } catch {
       return next(
         new UnauthorizedError('invalid_token', {
@@ -51,8 +79,14 @@ export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
         })
       )
     }
-    // Store decoded JWT
+    socket.decodedToken = decodedToken
-    socket = Object.assign(socket, { decodedToken: payload })
+    if (onAuthentication != null) {
+      try {
+        socket.user = await onAuthentication(decodedToken)
+      } catch (err) {
+        return next(err)
+      }
+    }
     return next()
   }
 }

tsconfig.json

@@ -1,23 +1,13 @@
 {
   "compilerOptions": {
-    "target": "ES2019",
+    "target": "ESNext",
     "module": "commonjs",
-    "lib": ["ES2019"],
+    "lib": ["ESNext"],
     "moduleResolution": "node",
-    "allowJs": false,
-    "checkJs": false,
-    "declaration": true,
-    "sourceMap": false,
     "outDir": "./build",
     "rootDir": "./src",
-    "removeComments": false,
-    "noEmitOnError": true,
-    "importHelpers": false,
     "strict": true,
     "esModuleInterop": true,
-    "experimentalDecorators": true,
+    "declaration": true,
-    "emitDecoratorMetadata": true,
-    "forceConsistentCasingInFileNames": true,
-    "incremental": false
   }
 }